{\rtf1\ansi\ansicpg1252\cocoartf1138\cocoasubrtf510
{\fonttbl\f0\fswiss\fcharset0 Helvetica;}
{\colortbl;\red255\green255\blue255;\red85\green17\blue13;}
\paperw11900\paperh16840\margl1440\margr1440\vieww10800\viewh8400\viewkind0
\deftab720
\pard\pardeftab720

\f0\fs24 \cf0 First reviewer's review:\
\
\pard\pardeftab720
\cf2 Summary of the submission <<<\
\pard\pardeftab720
\cf0 \
This paper identifies and discusses the common foundational characteristics\
of Model Driven Security (Mds) that are used in current approaches. They also\
proposed the Y-Model as an evaluation schema for Mds, based on the identified\
characteristics. A selection of Mds methodologies in the literature was\
evaluated, discussing their capabilities and shortcomings. Finally, the authors\
also analyzed the trend of Mds evolution in the last decade and proposed a\
potential future development approach of Mds by incorporating heterogeneity and\
proposes a Heterogeneous Model Driven Security approach.\
\
\pard\pardeftab720
\cf2 Evaluation <<<\
\pard\pardeftab720
\cf0 \
That's an interesting paper that tackles a relevant topic -- Mds. I believe the\
work presented can be very useful for Mds researchers and practitioners as the\
drawbacks and advantages of the evaluated approaches can inspire new research.\
\
However, I miss more detailed info about the selection of the approaches like\
the level of maturity (e.g. application in industry), which was discussed very\
briefly at the end of section 3. Moreover, in your proposed model, I think you\
should discuss the role of an ontology for security as base for comparing\
different approaches.\
\
Other comments.\
- the quality of the figs should improve, it's difficult to read. Maybe you\
could improve by increasing the font size of the respective texts and labels.\
- I detected some typos: abstract "We THE analyze the evaluation result and";\
page 5 "Layer 3 is even WORST, since"\
\
*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*\
\
Second reviewer's review:\
\
\pard\pardeftab720
\cf2 Summary of the submission <<<\
\pard\pardeftab720
\cf0 \
The authors compare existing model-driven approaches by mapping them to a\
generic model ("Y-model"). Based on this comparison relevant fields for future\
work are derived.\
\
\pard\pardeftab720
\cf2 Evaluation <<<\
\pard\pardeftab720
\cf0 \
The topic of the paper is definitely interesting. Comparing model-driven\
security approaches which have been developed in the last decade with different\
goals and using different technologies is certainly a worthwhile endeavor.\
\
On the other side I see some drawbacks in the approach.\
- The first is concerned with the orthogonal concepts considered within the\
evaluation. One selected aspect - backward traceability - is considered. Why\
only this one? Why do you not consider forward traceability, or the support of\
change and evolution?\
- Not all statements about the research frameworks seem to be correct. Since\
all of them are research approaches quite a lot of publications exist about\
each framework. In order to make correct statements you have to take the\
entirety of publications about each framework into account.\
- The Y model assumes that code and tests are generated from the same model.\
This causes limitations because the tests more or less test the correctness of\
the transformation. \
- The paper has a lot of typos.\
\
Moreover, I cannot follow your argumentation in section 4.\
You state the following:\
A In order to support evolution and diverse security concerns a model-driven\
framework should support several DSLs.\
B But in this case we have two problems: Security concerns are spread over\
several models and we need powerful composition operators.\
\
Yes, I fully agree with you. But this simply means, that A is not a good\
option, isn't it? We do not need several DSLs but just a DSL framework\
providing enough flexibility to extend the meta model. In my opinion, such\
flexible DSL work benches (like e.g. XText) already exist.\
\
*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*\
\
Third reviewer's review:\
\
\pard\pardeftab720
\cf2 Summary of the submission <<<\
\pard\pardeftab720
\cf0 \
The paper deals with model driven security (MDS). Specifically, the authors\
propose an evaluation schema, called Y-Model, which they use to compare\
different existing MDS methods. This comparison leads to highlight the\
evolution of MDS methods, their potentialities and drawbacks. Besides, this\
analysis results in the definition of an enhanced Y-model able to deal with\
modelling heterogeneity and with different security aspects.\
\
\pard\pardeftab720
\cf2 Evaluation <<<\
\pard\pardeftab720
\cf0 \
The paper is well written, tackles a challenging problem and outlines some\
interesting results.\
The authors present some background information in section 2 and end with a\
new definition of what model driven security is. Then they propose a generic\
evaluation schema that is used to classify, evaluate and compare different\
approaches. This schema is called Y-Model. This name in literature has been\
already used by people working in the area of hw-sw co-design; for example see\
the work of Sangiovanni Vincentelli and his group. Besides, the same concepts\
have been applied in the area of performance evaluation by DeAngelis et al.\
some years ago. Even if, in this paper the idea and the concepts are plugged in\
the security domain, a reference and comparison to other works would be nice\
and useful.\
Different approaches are then analysed and a summary of the comparison is\
provided in table 1.\
The figures presenting the approaches according to Y-model should be enlarged,\
at present they are hardly readable. \
Section 3.4 describes the drawbacks and the evolution of the existing methods\
and in section 4 the enhanced Y-model is presented. The difficulties in its\
application are then presented and discussed. This section is quite\
interesting, however, adding some concrete example would help the understanding\
of concrete evolution from existing methods.\
\
*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*=--=*\
}